X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fimpl%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthentication%2FJaasUserAccessor.java;fp=security%2Fimpl%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthentication%2FJaasUserAccessor.java;h=8387a6004fae8dd5b33a790fe472ea9dc6575adb;hb=0adf8fb6e00f08a022379cff5edb43fcde30184c;hp=0000000000000000000000000000000000000000;hpb=225f5d67c047f25de6bd53ae24f120fbc7fee620;p=utils
diff --git a/security/impl/src/main/java/org/wamblee/security/authentication/JaasUserAccessor.java b/security/impl/src/main/java/org/wamblee/security/authentication/JaasUserAccessor.java
new file mode 100644
index 00000000..8387a600
--- /dev/null
+++ b/security/impl/src/main/java/org/wamblee/security/authentication/JaasUserAccessor.java
@@ -0,0 +1,119 @@
+/*
+ * Copyright 2005-2010 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.wamblee.security.authentication;
+
+import java.security.AccessController;
+import java.security.Principal;
+
+import java.util.Set;
+
+import javax.security.auth.Subject;
+
+/**
+ * Implementation of the user accessor that retrieves user information from
+ * JAAS.
+ *
+ * @author Erik Brakkee
+ */
+public class JaasUserAccessor implements UserAccessor {
+ /**
+ * User administration to use.
+ */
+ private UserAdministration admin;
+
+ /**
+ * Class of the JAAS user principal.
+ */
+ private Class userPrincipalClass;
+
+ /**
+ * Constructs user accessor.
+ *
+ * @param aAdmin
+ * User administration.
+ * @param aUserClassName
+ * Class name of the user principal.
+ */ + public JaasUserAccessor(UserAdministration aAdmin, String aUserClassName) { + admin = aAdmin; + + try { + userPrincipalClass = Class.forName(aUserClassName); + + if (!Principal.class.isAssignableFrom(userPrincipalClass)) { + throw new IllegalArgumentException("Specified class '" + + aUserClassName + "' is not a subclass of '" + + Principal.class.getName()); + } + } catch (ClassNotFoundException e) { + throw new RuntimeException(e); + } + } + + /* + * (non-Javadoc) + * + * @see org.wamblee.usermgt.UserAccessor#getCurrentUser() + */ + public User getCurrentUser() { + Subject subject = Subject.getSubject(AccessController.getContext()); + + if (subject == null) { + return null; + } + + Principal userPrincipal = getUserPrincipal(subject); + + return admin.getUser(userPrincipal.getName()); + } + + /** + * Gets the user principal from the subject. + * + * @param aSubject + * Subject. + * + * @return User principal. + * + * @throws IllegalArgumentException + * In case there is a duplicate principal or the principal was + * not found. + */ + private Principal getUserPrincipal(Subject aSubject) { + Set principals = aSubject.getPrincipals(); + Principal userPrincipal = null; + + for (Principal principal : principals) { + if (principal.getClass().equals(userPrincipalClass)) { + if (userPrincipal != null) { + throw new IllegalArgumentException( + "Multiple principals for class '" + userPrincipalClass + + "', subject: " + aSubject); + } + + userPrincipal = principal; + } + } + + if (userPrincipal == null) { + throw new IllegalArgumentException( + "No user principal found for class '" + userPrincipalClass + + "', subject: " + aSubject); + } + + return userPrincipal; + } +}
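Review bot: Both `IllegalArgumentException` messages in `getUserPrincipal` concatenate `aSubject`, and `Subject.toString()` prints the subject's principals and credentials (private ones too when the caller is allowed to read them), so whatever the login module attached can reach logs or error pages through these messages. I would drop the subject from the text and name only the class, e.g. `"No user principal found for class '" + userPrincipalClass.getName() + "'"`, and do the same for the "Multiple principals" message. Separately, the lookup matches with `principal.getClass().equals(userPrincipalClass)` while the constructor only checks assignability to `Principal`. A principal that is a subclass, or whose class was loaded by a different class loader than the one `Class.forName` used, would presumably end in the "No user principal found" exception, so a short comment stating that the match is deliberately exact would help the next reader.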